-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------- itcp advisory 4 advisories@it-checkpoint.net http://www.it-checkpoint.net/advisory/4.html March 14th, 2002 - ------------------------------------------------------------- translation.lycos.com and infoplease.lycos.com allow Cross Site Scripting - -------------------------- Affected program: - Vendor: Lycos.com Vulnerability-Class: Cross Site Scripting (CSS) OS specific: No Problem-Type: remote SUMMARY Cross Site Scripting in the translation and infoplease services of lycos.com possible DETAILS The translation and infoplease services of lycos.com are not checking for any hostile input so it is able to steal cookies. Bug analysis: Missing filters for Characters like "<" or ">" Impact: Stealing of cookies possible Exploit: The only thing you have to do is entering some HTML-Code in the textbox or just click on the following links: translation.lycos.com: http://translation.lycos.com/?urltext=<script>alert(document.cookie)</ script >&lp=en_de&partner=demo-Lycos2-en - -------------- infoplease.lycos.com: http://www.infoplease.lycos.com/search.php3?in=dictionary&query=</titl e><scr ipt>alert(document.cookie)</script> Solution: Implement a filter which filters dangerous characters, especially "<" and ">" ADDITIONAL INFORMATION Vendor has been contacted. - - ------------------------------------------------------- tSR <tsr@it-checkpoint.net> Member of: http://www.IT-Checkpoint.net We work for your security - - ----------------------- DISCLAIMER: The information in this bulletin is provided "AS IS" without warranty of any kind. In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com> iQA/AwUBPJCweCoElucNbCmCEQJ4owCg1uP6UotWtqeEWAgKPvP/wFbhkzcAoIF6 pRXZwkWImhsIXW2Cq/eQF9AF =MetP -----END PGP SIGNATURE-----
